Are Personal Blogs Compatible with Business

Total Page:16

File Type:pdf, Size:1020Kb

Are Personal Blogs Compatible with Business White Paper: Could Government Subversion Affect your Business? Introduction The Internet is awash with speculation following allegations that the IPSEC cryptographic stack in OpenBSD was furnished with a backdoor at the behest of the Federal Bureau of Investigation (FBI). The allegations were made by Gregory Perry in an e-mail to one of the founders of NetBSD - Theo De Raadt – and were published on the BSD mailing lists so that a code audit can be undertaken by those with an interest in doing so. If such a backdoor does exist, it could allow the FBI (and conceviably others) to decrypt communications between servers, whether those communications take place over a Virtual Private Network (VPN) or over a Secure Shell Connection (SSH). This whitepaper will examine the precedents for this allegation as well as the potential impact that such a revelation could have on businesses around the world. NSAKey Although the OpenBSD allegation is being widely discussed, it would not be the first time that a security agency has been accused of attempting to install a 'backdoor' into an operating system. In August 1999 a security researcher located a cryptographic public key in Windows NT 4 (Service Pack 5) named _NSAKEY. It was assumed, from the name, that the key had links to the US National Security Agency (NSA). If true, the NSA would be able to subvert the security of any Windows system. Microsoft denied the allegations and claimed that the name had been chosen because the NSA were responsible for vetting for compliance with US export controls. Microsoft claimed that the key was used in order to ensure compliance with these controls. Shortly after NSAKEY was discovered, a third key was also found, to the apparent surprise of Windows developers attending the conference. Although the allegations were never fully answered, _NSAKey remains in current versions of Windows, albeit under a different name. Lotus Notes The once popular productivity suite, Lotus Notes, was also subverted by the NSA. Due to export controls, Lotus sold international customers a different version of it's suite to the offering available in the US. Prior to striking deals with a number of European Governments, Lotus had published details of the NSA 'trapdoors' built into it's international package. When sending encrypted e-mail, the International version of Notes included the first 24-bits of the 64-bit key in the e-mail headers. This information was encrypted, for security, using a NSA Public Key. This meant that whilst the system remained secure (computationally, at the time) the NSA could easily retrieve the first 24 bits of the key. This weakness would allow the NSA to decrypt intercepted e-mail some 16 million times faster than another attacker! Indeed, it was estimated that the NSA would be able to calculate the final 40-bits of the encryption key within seconds. Once the weakness became widely reported, steps were taken to prevent the 'trapdoor' from being disabled. Notes was updated so that if the field containing the first 24-bits was incorrect, the e-mail would not open. This prevented users from replacing the NSA's key with one of their own. Although Lotus quietly removed the relevant documentation from their website, they never denied the allegation. Instead, they opted to spin the claims as being of benefit to European customers ( US Strength encryption protecting your e-mails from everyone, except the NSA ) IBM still carry information on the trapdoor. Huawei Based Infrastructure Strong concern developed in the UK when it was discovered that British Telecom PLC (BT) had purchased equipment used in their telecoms infrastructure from the company Huawei. Concerns arose over Huawei's intimate relationship with the Government of the Peoples Republic of China (PRC). The concern was that Huawei may have been pressured to include a backdoor allowing the PRC access to the UK's telecoms infrastructure. Such a backdoor would allow an unprecedented level of espionage to take place, not to mention the critical repercussions if the system were to be utilised in a time of war. Concerns still exist, despite efforts by Huawei to convince the populace that their concerns are unfounded. The company has offered to allow independent inspection of it's source code, which conveniently overlooks the fact that backdoors can be both in hardware and software. At time of writing, these concerns remain unresolved. OpenBSD As discussed in the introduction, allegations have been made that the FBI subverted the IPSEC stack in OpenBSD. This crucial function is responsible for handling cryptography within the Operating System, and communications that had been assumed to be secure could be available for easy decryption by US Security Services. Although the backdoor was allegedly planted in OpenBSD, the possible impact is not limited to this Operating System. The OpenBSD IPSEC stack was the first to be freely available and portions of it have been used in other operating systems, including GNU/Linux. Because the allegations have not specified the nature of the subversion, it may take some time to adequately resolve the matter. Indeed, as conspiracy theories abound, it's highly likely that every bug or fault found in the code is likely to be seen, by some, as 'proof' of the subversion. The prevalence of such theories may ensure that the truth of the matter may never come to light. Impact on Business If we assume that all allegations of subversion are true and/or that similar tactics have been employed but not yet detected, then the potential impact on privacy and security is very difficult to overstate. If the NSA/FBI truly do have backdoors in a variety of Operating Systems, this would allow them unrestricted access to the data stored and transmitted by business worldwide (Well, outside the US at least). How they would access this depends on the nature of the backdoor in question. From a European perspective, the biggest concern would surely be that of political and economic espionage. If the NSA/FBI are able to access encrypted communications then they would potentially be able to view anything our Politicians, employee's and customers encrypt and send. Suitable Responses As the recent outrage has shown, it's very easy to develop a knee-jerk reaction to such allegations. Whilst the recent allegations are both concerning and controversial, they remain unproven. It's important to remember that, given the wide influence of the US Government, there's no guarantee that other OS' and applications have not also been subverted. It'd be easy to claim that the only solution is not to use computers for anything remotely sensitive, but in today's world this is not only an excessive response, but one that would be very difficult to effectively implement. Those handling very sensitive information should already be aware that such systems should not be connected to, or accessible from, the Internet. If the network being used is truly inaccessible to outside users then the potential ramifications of such a backdoor are largely negated. In reality, no encryption system used today is 100% cryptographically secure (despite claims by LogMeIn and competitors). Many of the encryption algorithms used today are, however, considered computationally secure (i.e. the computing time required to crack the encryption is so excessive as to ensure that most attackers would be unable to compromise the communication within a reasonable period of time). This means that whilst it is concerning that the NSA/FBI could have a means to decrypt 'secure' communications, in reality anyone with the computing power required could also complete the same task. Admittedly, If a backdoor does exist, it would allow the NSA/FBI to retrieve the plaintext far more expediently (as seen in the Lotus Notes controversy). Those concerned about the existence of NSAKEY are able to remove/replace the key without suffering any issues with the related functions in Windows. Long Term Reactions Although most of the current cryptographic algorithms originated, or are derived from algorthims originating, in the US, there's very little to prevent new algorithms from being developed outside of the US. Indeed, the inclusion of _NSAKEY in Windows actually undermined the claimed goal of the key, because users were able to replace NSAKEY with a more secure cryptographic key. FreeBSD is developed primarily in Canada, so the influence of the US Government and it's agencies is already weakened somewhat. Whilst the FBI could repeat their alleged actions, it is far harder for the US Government to attempt to include backdoors in Operating Systems not developed on US soil. In the future, those requiring 'secure' systems may develop a bias towards Operating Systems not developed in territories open to US interference, and the focus of cryptographic development may also become more focused outside of the US. Open Vs Closed Source Many had assumed that, due to it's open nature, Free Software was immune to such subversion. The recent allegations of FBI subversion cast doubt on this assumption, although the reader should be aware that this may be the very intent of those making the allegations. However, regardless of immunity, it remains more difficult to find evidence of such subversion in closed systems. Open Source, by it's very nature, allows any interested party to perform a code audit, raising the possibility of any backdoor being discovered. It is this principle which has led Theo De Raadt to criticise GNU/Linux users for allowing closed source drivers to be used on their systems (the drivers being binary implementations with full kernel access, i.e. quite easy to hide a backdoor in). If the recent allegations are proven, it may be used as 'proof' by proprietary vendors that Open Source software (OSS) is no more secure than proprietary.
Recommended publications
  • Since Sliced Bread?
    Douglas A. Hamilton WINDOWS NT NT: The Greatest Thing Since Sliced Bread? T'S OFFICIAL. Windows unlike OS/2, is not the only product in the family. Right around the corner is the NT is finally out of the Chicago technology that Microsoft will be using in DOS 7.0 and Windows 4.0. Earli­ oven. The pricing has est betas for software developers are I scheduled for early fall and products been set and delivery dates based on it should be out in 1994. Chicago is a rewrite of the same Win32 have been promised. Those API (application programming interface) seen on NT. Compared with NT, it leaves promises (back in May) out the security (how many of us need government-certified C2 security on our were that the base system personal machines?), portability to RISC processors and the OS/2 character-mode would ship within 60 days and POSIX subsystems. And it wouldn't surprise me if Unicode support were trimmed out or if the networking were and the Advanced Server version would ship 30 days unbundled. What Chicago leaves in is 32- bit flat virtual memory, preemptive multi­ later. So there's every chance that by the time you read tasking, threads, pipes and semaphores­ all the really good stuff in Win32. That be­ this, there'll be piles of Windows NT packages at your comes Windows 4.0. Subtract the graphi­ cal user interface and you get DOS 7.0. local computer store. Is there anyone left who wonders why developers are so excited about NT? It's After a false rumor that Microsoft might price NT at not just because NT is expected to do ex­ tremely well.
    [Show full text]
  • Windows NT Architecture Previous Screen Gilbert Held Payoff Windows NT Is a Sophisticated Operating System for Workstations and Network Servers
    50-30-19 Windows NT Architecture Previous screen Gilbert Held Payoff Windows NT is a sophisticated operating system for workstations and network servers. This article helps network managers to understand the communications capability of workstations and servers running on Windows NT, and data base administrators to determine the suitability of this platform for a structured query language (SQL) data base server. Introduction Windows NT is a 32-bit, preemptive multitasking operating system that includes comprehensive networking capabilities and several levels of security. Microsoft markets two version of Windows NT: one for workstations—appropriately named Windows NT Workstation—and a second for servers—Windows NT Server. This article, which describes the workings of the NT architecture, collectively references both versions as Windows NT when information is applicable to both versions of the operating system. Similarly, it references a specific version of the operating system when the information presented is specific to either Windows NT Workstation or Windows NT Server. Architecture Windows NT consists of nine basic modules. The relationship of those modules to one another, as well as to the hardware platform on which the operating system runs, is illustrated in Exhibit 1. Windows NT Core Modules Hardware Abstraction Layer The hardware abstraction layer (HAL) is located directly above the hardware on which Windows NT operates. HAL actually represents a software module developed by hardware manufacturers that is bundled into Windows NT to allow it to operate on a specific hardware platform, such as Intel X86, DEC Alpha, or IBM PowerPC. HAL hides the specifics of the hardware platform from the rest of the operating system and represents the lowest level of Windows NT.
    [Show full text]
  • Sourcefire White Paper
    And Its Role in the Security Model www.sourcefire.com June 2002 Sourcefire, Inc. 7095 Samuel Morse Drive Suite 100 Columbia, MD 21046 410.290.1616 | 410.290.0024 TABLE OF CONTENTS Table of Contents ............................................................................................................2 Open Source Software: OSS...........................................................................................3 What is OSS?..........................................................................................................................3 History.....................................................................................................................................4 Opinions on OSS.....................................................................................................................4 Arguments in favor of OSS ......................................................................................................5 Security, Stability, and Cost .......................................................................................................................5 Standards, Immediacy, and Lack of Restrictions......................................................................................7 Arguments Against OSS..........................................................................................................7 Status Quo and Security.............................................................................................................................8 Poor Packaging and Support .....................................................................................................................9
    [Show full text]
  • Installing the IPM Client on Windows NT
    CHAPTER 6 Installing the IPM Client on Windows NT IPM supports running only the IPM client software on a Windows NT system. However, you can run the IPM client on Windows NT with an IPM server that resides on a different operating system platform such as Sun Solaris. The IPM client software can be installed from the CD-ROM or it can be downloaded for installation using the IPM server’s web server. This chapter provides the following information about installing the IPM client software on Windows NT: • Requirements for the IPM Client on Windows NT on page 6-2 • Installing the IPM Client on Windows NT from the CD-ROM on page 6-3 • Installing the IPM Client on Windows NT Using the Web Server on page 6-4 • Verifying the IPM Client Installation on Windows NT on page 6-6 • Modifying the IPM Client Configuration on Windows NT on page 6-7 • Uninstalling the IPM Client on Windows NT on page 6-10 Installing the IPM Client on Windows NT 6-1 Requirements for the IPM Client on Windows NT Requirements for the IPM Client on Windows NT The following hardware and software is required to install the IPM client on a Windows NT system: • Windows NT version 4.0 with Service Pack 3 Note IPM software release 2.0 has not been tested with Windows NT Service Pack 4. • 64 MB RAM minimum (128 MB recommended) • 30 MB hard disk space Before you install the IPM client on a workstation running Windows NT, you should know the following information: • IPM server port number for the Naming server (the default is 44342) • Name of the host where the IPM server software is installed Tips The IPM server port number is obtained using the pkgparam -v CSCOcwbS | grep OSAGENT_PORT command on the Solaris server system.
    [Show full text]
  • Level One Benchmark Windows NT 4.0 Operating Systems V1.0.5
    Level One Benchmark Windows NT 4.0 Operating Systems V1.0.5 Copyright 2003, The Center for Internet Security www.cisecurity.org Page 2 of 32 Terms of Use Agreement Background. CIS provides benchmarks, scoring tools, software, data, information, suggestions, ideas, and other services and materials from the CIS website or elsewhere (“Products”) as a public service to Internet users worldwide. Recommendations contained in the Products (“Recommendations”) result from a consensus-building process that involves many security experts and are generally generic in nature. The Recommendations are intended to provide helpful information to organizations attempting to evaluate or improve the security of their networks, systems and devices. Proper use of the Recommendations requires careful analysis and adaptation to specific user requirements. The Recommendations are not in any way intended to be a “quick fix” for anyone’s information security needs. No representations, warranties and covenants. CIS makes no representations, warranties or covenants whatsoever as to (i) the positive or negative effect of the Products or the Recommendations on the operation or the security of any particular network, computer system, network device, software, hardware, or any component of any of the foregoing or (ii) the accuracy, reliability, timeliness or completeness of any Product or Recommendation. CIS is providing the Products and the Recommendations “as is” and “as available” without representations, warranties or covenants of any kind. User agreements. By using the Products and/or the Recommendations, I and/or my organization (“we”) agree and acknowledge that: 1. No network, system, device, hardware, software or component can be made fully secure; 2.
    [Show full text]
  • Windows 95 & NT
    Windows 95 & NT Configuration Help By Marc Goetschalckx Version 1.48, September 19, 1999 Copyright 1995-1999 Marc Goetschalckx. All rights reserved Version 1.48, September 19, 1999 Marc Goetschalckx 4031 Bradbury Drive Marietta, GA 30062-6165 tel. (770) 565-3370 fax. (770) 578-6148 Contents Chapter 1. System Files 1 MSDOS.SYS..............................................................................................................................1 WIN.COM..................................................................................................................................2 Chapter 2. Windows Installation 5 Setup (Windows 95 only)...........................................................................................................5 Internet Services Manager (Windows NT Only)........................................................................6 Dial-Up Networking and Scripting Tool....................................................................................6 Direct Cable Connection ..........................................................................................................16 Fax............................................................................................................................................17 Using Device Drivers of Previous Versions.............................................................................18 Identifying Windows Versions.................................................................................................18 User Manager (NT Only) .........................................................................................................19
    [Show full text]
  • Bastian Ballmann Attack and Defense with Python 3 2Nd Edition
    Bastian Ballmann Understanding Network Hacks Attack and Defense with Python 3 2nd Edition Understanding Network Hacks Bastian Ballmann Understanding Network Hacks Attack and Defense with Python 3 2nd Edition Bastian Ballmann Uster, Switzerland ISBN 978-3-662-62156-1 ISBN 978-3-662-62157-8 (eBook) https://doi.org/10.1007/978-3-662-62157-8 © Springer-Verlag GmbH Germany, part of Springer Nature 2015, 2021 This work is subject to copyright. All rights are reserved by the Publisher, whether the whole or part of the material is concerned, specifcally the rights of translation, reprinting, reuse of illustrations, recitation, broadcasting, reproduction on microflms or in any other physical way, and transmission or information storage and retrieval, electronic adaptation, computer software, or by similar or dissimilar methodology now known or hereafter developed. The use of general descriptive names, registered names, trademarks, service marks, etc. in this publication does not imply, even in the absence of a specifc statement, that such names are exempt from the relevant protective laws and regulations and therefore free for general use. The publisher, the authors and the editors are safe to assume that the advice and information in this book are believed to be true and accurate at the date of publication. Neither the publisher nor the authors or the editors give a warranty, expressed or implied, with respect to the material contained herein or for any errors or omissions that may have been made. The publisher remains neutral with regard to jurisdictional claims in published maps and institutional affliations. Responsible Editor: Martin Börger This Springer imprint is published by the registered company Springer-Verlag GmbH, DE part of Springer Nature.
    [Show full text]
  • Windows 10: Considered Harmful
    Windows 10: Considered Harmful 26 August, 2016 Last Updated: 25 September 2016 Previously I made a series of articles against Windows 10, consisting of basic explanation, open letters, and even a long-winded chance.org petition. However, I have come to realize that these various things could be better as one page rather than fragments across my website. On this page I hope to explain why the Windows 10 system is evil and also include why Windows as a whole is Considered Harmful . Sources to unreferenced items in this article can be found in the various resource links on the bottom of the page. Information can also be found in the photographs shown and with a simple web search. The primary reason against the Windows 10 system is an obvious one. The system is designed to be a system that data-mines the user. This is proven time and time again. Using a tool such as wireshark, one can clearly see that it makes encrypted connections to a variety of Microsoft servers. This uses a very weak RSA encryption that can be broken in under a minute. When a user successfully decrypted the encrypted data, he simply converted the decrypted ``.bin'' extension to ``.png'' and opened them. The image files were screen- shots of him installing the RSA decryptor tool. This was in a VM and was a fresh install. In addition to this, another user in Australia also monitored the odd connection but did not decrypt it. He noticed this when he opened a photograph in the Windows Photo App.
    [Show full text]
  • What Is Windows NT
    What is Windows NT Windows NT is worked out on the base OS/2 NT. OS/2 is developed by Microsoft and IBM together. It has Microsoft OS/2 NT and IBM OS/2 two types. The two firms part on bad terms after cooperation. IBM continues to provide OS/2 version but Microsoft renames its OS/2 NT Wndows NT. That is the first generation of Windows NT 3.1. Windows NT is pure 32-bit operating system. It employs advanced NT core technology. NT stands for New Technology. --Source from http://www.powerdatarecovery.com/data-recovery/windows-nt.html Microsoft Windows NT (Network Termination) is a kind of operating system developed by Microsoft. Microsoft hires a few staffs from Digital Equipment Corporation to develop this new system. Many features of this system have showed the early conceptions with VMS, RSX-11, and DEC. Windows NT is the operating system for the workstation, networkserver, and large computer. It can also be used as PC operating system. It has a close relationship with communication services and provides file print service. It can run client/server applications, and it has built-in Internet/Intranet function. It is gradually becoming the standard platform of enterprise network. This article mainly introduces Wondows NT Server4.0. Features 1. 32-bit operating system. Multiple guide function. It is compatible with other operating systems. 2. It realizes the "preemptive" multitask and multithreading operation. 3. It uses SMP technology and supports multi-CPU system. 4. It supports CISC (such as Intel system) and RISC (such as Power PC, R440) and all kinds of hardware platform.
    [Show full text]
  • An Introduction to Windows Operating System
    EINAR KROGH AN INTRODUCTION TO WINDOWS OPERATING SYSTEM Download free eBooks at bookboon.com 2 An Introduction to Windows Operating System 2nd edition © 2017 Einar Krogh & bookboon.com ISBN 978-87-403-1935-4 Peer review by Høgskolelektor Lars Vidar Magnusson, Høgskolen i Østfold Download free eBooks at bookboon.com 3 AN INTRODUCTION TO WINDOWS OPERATING SYSTEM CONTENTS CONTENTS Introduction 9 1 About Windows history 10 1.1 MS-DOS 10 1.2 The first versions of Windows 11 1.3 Windows NT 12 1.4 Windows versions based on Windows NT 13 1.5 Windows Server 15 1.6 Control Questions 17 2 The tasks of an operating system 18 2.1 About the construction of computers 19 2.2 Central tasks for an operating system 20 2.3 Control Questions 22 �e Graduate Programme I joined MITAS because for Engineers and Geoscientists I wanted real responsibili� www.discovermitas.comMaersk.com/Mitas �e Graduate Programme I joined MITAS because for Engineers and Geoscientists I wanted real responsibili� Maersk.com/Mitas Month 16 I wwasas a construction Month 16 supervisorI wwasas in a construction the North Sea supervisor in advising and the North Sea Real work helpinghe foremen advising and IInternationalnternationaal opportunities ��reeree wworkoro placements solves Real work problems helpinghe foremen IInternationalnternationaal opportunities ��reeree wworkoro placements solves problems Download free eBooks at bookboon.com Click on the ad to read more 4 AN INTRODUCTION TO WINDOWS OPERATING SYSTEM CONTENTS 3 Some concepts and terms of the Windows operating system 23 3.1
    [Show full text]
  • Alan Watt "Cutting Through the Matrix" Live on Rbn #101
    Transcripts of: ALAN WATT "CUTTING THROUGH THE MATRIX" LIVE ON RBN #101 - 125 April 14, 2008 – June 9, 2008 Dialogue Copyrighted Alan Watt - 2008 (Exempting Music, Literary Quotes and Callers' Comments) Alan Watt's Official Websites: WWW.CUTTINGTHROUGHTHEMATRIX.COM www.alanwattsentientsentinel.eu "While Inflicting Torture and Pain, Our Masters "All That Was must Pass Away" Make Hay for Financial Gain - May 12, 2008 #113 The End of Morality in the New Corporate Feudal System" - April 14, 2008 #101 "Your Neighbourhood Snoopers are Such Party Poopers" - May 14, 2008 #114 "Crisis Cry-Sis from the Boys at the Top" April 16, 2008 #102 "The Web it said Will Soon be Dead" May 16, 2008 #115 "The Nation-State is now Transcendent, You are now Global Slaves and Interdependent - Analysis "Freedom of Mind for He Who Chooses, Is of Gordon Brown Speech at Kennedy Center" Known by Controllers Who Study The Muses" April 18, 2008 #103 May 19, 2008 #116 "Gorge and Binge to go Out of Fashion" "The Chessboard's Set, The Pawns are in Place, April 21, 2008 #104 As They Move Toward The Humanimal Race" May 21, 2008 #117 "The New Autism ain't What It used to Be - Comparative Studies within Amish Community" "The Mass-Man Moves toward Integration, The April 23, 2008 #105 Few with Spirit toward Separation" May 23, 2008 #118 "Big Brother's Coming Door-to-Door to Enquire about Your Sex Life - "Con of the Carbon Life-form" Strictly For Statistical Reasons, of course" May 26, 2008 #119 April 25, 2008 #106 "For 'Trekkie' fans, It's 'Red Alert!', "Shortly, Food Supplements
    [Show full text]
  • The Hacker Voice Telecomms Digest #2.00 LULU
    P3 … Connections. P5 … You Got Mail… Voicemail. P7 … Unexpected Hack? P8 … Rough Guide To No. Stations pt2. P12 … One Way/One Time Pads. P16 … Communications. Your Letters, Answered… Perhaps! P17 … The Hacker Voice Projects. P19 … Automating Network Enumeration. P22 … An Introduction to Backdoors. The Hackers Voice Digest Team P27 … Interesting Numbers. Editors: Demonix & Blue_Chimp. Staff Writers: Belial, Blue_Chimp, Naxxtor, Demonix, P28 … Phreaking Bloody Adverts! Hyper, & 10Nix. Pssst! Over Here… You want one of these?! Contributors: Skrye, Vesalius, Remz, Tsun, Alan, Desert Rose & Zinya. P29 … Intro to VoIP for Practical Phreaking Layout: Demonix. Cover Graphics : Belial & Demonix. P31 … Google Chips. Printing: Printed copies of this magazine (inc. back issues) are available from P32 … Debain Ubuntu A-Z of Administration. www.lulu.com. Thanks : To everyone who has input into this issue, especially the people who have P36 … DIY Tools. submitted an article and gave feedback on the first Issue. P38 … Beginners Guide to Pen Testing. Back Page: UV’s World War Poster Productions. P42 … The Old Gibson Phone System. What is The Hackers Voice? The Hackers Voice is a community designed to bring back hacking P43 … Introduction to R.F.I. and phreaking to the UK . Hacking is the exploration of Computer Science, Electronics, or anything that has been modified to P55 … Unexpected Hack – The Return! perform a function that it wasn't originally designed to perform. Hacking IS NOT EVIL, despite what the mainstream media says. We do not break into people / corporations' computer systems and P56 … Click, Print, 0wn! networks with the intent to steal information, software or intellectual property.
    [Show full text]